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ABSTRACT 

This paper presents a novel approach for Detecting malicious Node in MANETs. MANET is a collection of 
mobile nodes equipped with both a wireless transmitter and a receiver that communicate with each other via bidirectional 
wireless links either directly or indirectly. The main objective is to prevent MANETs from malicious node by using cross 
layer approach. Also we use encryption and decryption of data's that are to be transferred. Encryption is done at sender 
side and decryption takes place at the selected pop node. If decrypted data at the destination matches with the data that was 
sent by the server then only it is displayed at the pop node. 
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INTRODUCTION 

Ad Hoc Network is a method for wireless devices to directly communicate with each other. An example of an ad 
hoc network is given in Figure 1 where it allows all wireless devices to discover and communicate in peer -to -peer 
fashion without involving central access point. One of the best example is Bluetooth of a such networks. Any malicious 
node in the network can disturb the whole process or can even stop it. Several attacks like black hole, wormhole, rushing 
etc have been come into the picture under which a legitimate node behaves in a malicious manner. It is quite difficult to 
define and detect such behavior of a node. Therefore, it becomes mandatory to define the normal and malicious behavior of 
a node. Whenever a node exhibits a malicious behavior under any attack, it assures the breach of security principles like 
availability, integrity, confidentiality etc [4]. An intruder takes advantage of the vulnerabilities presents in the ad hoc 
network and attacks the node which breaches the security principles. 
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Figure 1: Example of Ad Hoc Network 
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BEHAVIOR OF NODES 

Normal Behavior: The Process of delivering packets from source node (s) to destination node (D), 
while maintaining the basic requirements Availability (Av), Accessebility (Ac), and Authentications (Au), then It is called 
a Normal behavior of nodes. 

Malicious Behavior: "When a Packet is Not delivered from source Node(s) to Destination Node (d), It comes 
under malicious behavior. 

We can also detect malicious behavior if the following behavior occurs 

• Delay: Malicious Node delay the Packets to forward from source(S) to destination (D). 

• High Bandwidth: whenever nodes consumes high bandwidth, then it comes under malicious behavior. 

• Buffer Overflow: It fills the Buffer with fake Updates so that it is unable to update genuine buffer. 

• Message Tampering: Content of the packets may tamper. 

• Fake Routing: Whether there exists a path between nodes or not, a malicious node can send fake routes to the 
legitimate nodes in order to get the packets or to disturb the operations. 

• Node Not Available: An intruder can isolate the node from taking part in any operation so as to create delays 
when the source node chooses another alternative path. 

• Stealing Information: Information like the content, location, sequence number can be stolen by the malicious 
node to use it further for attack. 

• Session Capturing: When two legitimate nodes communicate, a malicious node can capture their session so as to 
take some meaningful information. 

• Others: There are other ways also in which a node behaves in a malicious manner. 
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Figure 2: Defined Algorithm for Normal & Malicious Behavior of a Node 
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In AODV routing Protocol, each node will sends hello message to obtain information from its neighbor, after 
Route request (RREQ) it forwards the packets to its neighbors. 

After sometime, the node will monitor routing table to examine which nodes is unable to forward the packet and 
RREQ message. The node which is unable to forward the packets and RREQ is identified as malicious. 

RELATED WORK 

Node A wants to transmit a packet to node B. To do this, Awaits until the medium is free, requesting it by means 
of an RTS message (according to a transmission probability PTx). The message might, with probability PCOL, suffer from 
a collision if another node within the range of A sends an RTS at the same time. If there is no collision, node B replies with 
a CTS message, which can also collide with a probability PCOL if a hidden node, located within the range of B but out of 
range of node A, transmits some message at the same time. However, a CTS collision only happens if there is no previous 
RTS collision and, therefore, being the actual CTS collision probability (1 - PCOL)- PCOL. Once node A has accessed the 
medium, i.e. neither RTS nor CTS collision has occurred; it transmits the desired data to B, which will receive the packet 
unless a channel error happens. This occurs with probability PERR. Thus, B will receive the packet correctly only if there 
was no RTS collision, no CTS collision nor channel error. 
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Figure 4: Flowchart for the Forwarding Process in MANETs 

Working of AODV Protocol 

AODV is a reactive protocol, i.e. routes to a given destination are established on demand. If a node needs a 
connection, it broadcasts a route request message (RREQ) that would be forwarded by other nodes. When a node receiving 
such a message has a route to the destination, it sends a route replay message (RREP) backwards. This whole process is 
known as route discovery. 

In order to work properly, each node keeps track of the nodes it can communicate directly, considered as its 
neighbors, by listening for HELLO messages periodically broadcasted by each node. To avoid unnecessary bandwidth and 
energy consumption due to these messages, it is common in MANETs to use a link layer-based procedure to update the list 
of neighbors. When a node starts sensing the medium and sending RTS messages for relaying a packet, the procedure 
checks if the 802.11 RTS/CTS mechanism reaches the maximum number of retransmissions, i.e. the maximum number of 
RTS messages without a CTS reply. This value for RTS max is set to 7 by default in the protocol. In such a case, 
AODV considers that the link is broken and initiates a mechanism called route maintenance. Once the procedure starts, 
two possibilities may occur (Figure 4) 
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Node A wants to transmit a packet to node B. To do this, Awaits until the medium is free, requesting it by means 
of an RTS message (according to a transmission probability PTx). The message might, with probability PCOL, suffer from 
a collision if another node within the range of A sends an RTS at the same time. If there is no collision, node B replies with 
a CTS message, which can also collide with a probability PCOL if a hidden node, located within the range of B but out of 
range of node A, transmits some message at the same time. However, a CTS collision only happens if there is no previous 
RTS collision and, therefore, being the actual CTS collision probability (1 - PCOL)- PCOL. Once node A has accessed the 
medium, i.e. neither RTS nor CTS collision has occurred; it transmits the desired data to B, which will receive the packet 
unless a channel error happens. This occurs with probability PERR. Thus, B will receive the packet correctly only if there 
was no RTS collision, no CTS collision nor channel error. 




Figure 5: Flowchart for the Forwarding Process in MANETs 
DATAFLOW DIAGRAM 



A data flow diagram (DFD) is a graphical representation of the "flow" of data through an information system. 
DFDs can also be used for the visualization of data processing (structured design). On a DFD, data items flow from an 
external data source or an internal data store to an internal data store or an external data sink, via an internal process. 




Figure 6: Flow Chart 
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CONCLUSIONS 

This method gives a novel scheme to prevent MANETs from unauthorized access of data from malicious node 
that cannot reach destination node as well as data forwarded from source node is also encrypted. So the attacker cannot 
introduce himself as a source. Communication is not hampered between source and destination. Acknowledgment provides 
the details of the communication whether the message is reached or not. Due to the use of encryption and decryption, 
the transmission of data is more secure. 

FUTURE ENHANCEMENTS 

Here we consider MANETs in our simulation. This approach can be applied into VPNs as well as in VANETs. 
More type of files in advance to text and java files can be taken into consideration. We can also include the packet 
dropping detection with this method so probability of finding the malicious node will increase. 
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